Avaya P333R-LB manual Transparent Routing Firewall Load Balancing, Implementation

Page 144

Chapter 14 Load Balancing in the P333R-LB

of failure.

P333R-LB supports both bridging and two types of routing firewalls: transparent and non-transparent.

Transparent Routing Firewall Load Balancing

This section explains how the P333R-LB supports Transparent Routing FWLB, and includes configuration examples.

Implementation

For Transparent Routing FWLB, the load balancer receives a packet, makes a load balancing decision, and forwards the packet to a firewall. The firewall does not perform Network Address Translation (NAT) on the packets; the source and destination IP addresses are not changed.

Two P333R-LBs are required for Transparent Routing FWLB, one on each side of the firewalls. One device intercepts traffic between the protected zone and the firewall, and the second device intercepts traffic between the unprotected zone and the firewall.

Transparent Routing firewalls act as "next hop" devices from the perspective of the P333R-LB. After one of the firewalls in a group is selected, normal routing to that firewall takes place.

The P333R-LB performs an “intelligent routing” decision, based on the Load Balancing criteria, and replaces the MAC address in the packets by the MAC address of the selected firewall.

P333R-LB enables you to route packets destined to a Demilitarized Zone (DMZ). A DMZ is a portion of the client’s network, apart from the client’s LAN, where remote access is allowed. After creating a DMZ, a third load balancer is installed, which routes packets to the DMZ.

2

Avaya P333R-LB User’s Guide

Image 144
Contents Avaya P333R-LB Page Table of Contents Section Installing the P330 Section Configuration of the P330 LAG Bootp Vrrp Avaya User’s Guide Vii Section Troubleshooting and Maintaining the P330 Before you Install the P333R-LB Safety Information FCC NoticeConventions Used in the Documentation CLI ConventionsAvaya P333R-LB User’s Guide Avaya P333R-LB Page Avaya P330 Family Features Avaya P333R-LB OverviewIntroduction Avaya P330 Command Line Interface CLI Avaya Multi-Service Network Manager MsnmAvaya P330 Network Management Avaya P330 Device Manager Embedded WebFans, Power Supply and Bups Monitoring SmonAvaya P333R-LB Overview Avaya P333R-LB User’s Guide Standards and Compatibility Avaya P330 Standards SupportedIetf Layer Ietf Network Monitoring Specifications Avaya P333R-LB SwitchSafety Safety AC VersionSafety DC Version Agency ApprovalsStacking Module Expansion ModulesInterfaces Basic MtbfLaser Classification Usage RestrictionLaser Data Fast Ethernet Fiber Expansion Module Ethernet/Fast Ethernet Expansion ModuleSafety Information Gbic Expansion ModuleSpecifications Avaya Approved Gbic TransceiversAgency Approval X330GT2 Gigabit Ethernet Expansion ModuleATM Expansion Modules Multi-Mode Module LED Warning WAN Expansion ModulesChapter Installing the P330 Page Installation Required ToolsSite Preparation Power Requirements DC Rack Mounting Optional Avaya P330 Rack MountingStacking Switches Optional Installing the X330STK Stacking Sub-module in the P330Connecting Stacking Sub-modules Incorrect Stack Connection Avaya P330 Stack Connections Installing Expansion Sub-modules Installing the Expansion Sub-module into the Avaya P330Making Connections to Network Equipment PrerequisitesPort Types 1000BASE-SX Chapter Installation Avaya P333R-LB User’s Guide Powering Up the Avaya P330 Powering On Avaya P330 Module ACPowering On Avaya P330 Module DC Post-Installation Avaya P333R-LB Front and Back Panels Avaya P333R-LB Front PanelPWR OFF Bups Input Connector Bups Input Connector StickerConfiguring the Terminal Serial Port Parameters Connecting a Terminal to the Avaya P330 Serial portEstablishing a Serial Connection P330 Sessions Assigning P330’s IP Stack AddressEstablishing a Telnet Connection For example telnetConnecting a Modem to the Console Port Establishing a Modem PPP Connection with the P330Overview CLI Architecture Security LevelsEntering the Supervisor Level Defining new local usersExiting the Supervisor Level Entering the CLIIntroduction to Radius User Authentication Illustrates the Radius authentication procedure Radius CommandsUser Authentication Allowed Manager CLI Commands Allowed ManagersUser Authentication Avaya P333R-LB User’s Guide Configuration of the P330 Page Basic Switch Configuration System Parameter Configuration Identifying the systemOperating parameters Network Time Acquiring Protocols Parameter Configuration UTCBasic Switch Configuration Avaya P333R-LB User’s Guide Default Settings of the P330 Configuring the SwitchAvaya P330 Default Settings 10/100Base-TX ports 100Base-F ports Base-X ports Chapter Default Settings of the P330 Default Settings of the P330 Avaya P333R-LB User’s Guide Avaya P330 Layer 2 Features OverviewEthernet Configuring Ethernet Parameters Flow Control PriorityMAC Address Ethernet Configuration CLI Commands CAM TableEthernet Implementation in the Avaya P333R-LB Vlan Configuration Vlan OverviewVlan Tagging Multi Vlan BindingVlan CLI Commands Ingress Vlan SecurityVlan CLI Commands Vlan Implementation in the Avaya P333R-LB Port Based Network Access Control Pbnac How Port Based Authentication WorksPbnac Implementation in the P330 Family Configuring the P330 for Pbnac Pbnac CLI CommandsChapter Avaya P330 Layer 2 Features Avaya P330 Layer 2 Features Spanning Tree Protocol Spanning Tree ProtocolSpanning Tree per Port Rapid Spanning Tree Protocol Rstp About the 802.1w StandardPort Roles Spanning Tree Implementation in the P330 Family Spanning Tree Protocol CLI Commands Spanning Tree Protocol CLI CommandssChapter Avaya P330 Layer 2 Features MAC Security CLI Commands MAC SecurityMAC Security Implementation in P330 Avaya P330 Layer 2 Features LAG CLI Commands LAG OverviewLAG Implementation in the Avaya P330 Family of Products Port Redundancy Port Redundancy OperationPort Redundancy CLI Commands Intermodule Port RedundancyAvaya P330 Layer 2 Features IP Multicast Filtering IP Multicast CLI Commands IP Multicast Implementation in the Avaya P333R-LBStack Health CLI Commands Stack HealthImplementation of Stack Health in the P330 Family Port Classification CLI Commands Port ClassificationStack Redundancy Avaya P330 Layer 2 Features Avaya P333R-LB User’s Guide Avaya P330 Layer 3 Features What is Routing?Routing Routing Configuration ForwardingMultinetting Multiple Subnets per Vlan IP Configuration IP Configuration CLI CommandsAssigning Initial Router Parameters Routerconfigure# interface interface-name RIP Routing Interchange Protocol Configuration RIP OverviewRIP CLI Commands RIP2Avaya P330 Layer 3 Features Ospf Open Shortest Path First Configuration Ospf OverviewOspf CLI Commands Static Routing Configuration Static Routing Configuration CLI CommandsStatic Routing Overview Route Preferences RIPRoute Redistribution Commands Route RedistributionARP Address Resolution Protocol Table Configuration ARP OverviewARP CLI Commands ARP TableBOOTP/DHCP Overview DHCP/BOOTP RelayBOOTP/DHCP CLI Commands NetBIOS Re-broadcast Configuration NetBIOS OverviewNetBIOS Re-broadcast Configuration CLI Commands Policy Configuration Policy Configuration OverviewDefault List Behavior Policy Configuration CLI CommandsEnforcement Policy and Load Balancing110 Avaya P333R-LB User’s Guide Policy Configuration Example Avaya P330 PolicyIP Fragmentation and Reassembly IP Fragmentation and Reassembly OverviewIP Fragmentation/Reassembly CLI Commands Layer 3 Configuration File Avaya P330 Layer 3 Features 114 Avaya P333R-LB User’s Guide Layer 3 Redundancy VrrpVrrp Commands Vrrp CommandsAvaya P333R-LB User’s Guide 117 Configuration Example WANChapter Layer 3 Redundancy 120 Avaya P333R-LB User’s Guide Srrp Commands SrrpReal Server Group Backup RSG Backup Configuration ExampleAdditional Redundancy Schemes Avaya P333R-LB User’s Guide 123 124 Avaya P333R-LB User’s Guide Real Server Backup Real Server Backup Configuration Example126 Avaya P333R-LB User’s Guide Avaya P333R-LB User’s Guide 127 Layer 3 Redundancy 128 Avaya P333R-LB User’s Guide Load Balancing in the P333R-LB Firewall Load BalancingBenefits How It WorksTransparent Routing Firewall Load Balancing ImplementationConfiguring Firewall Load Balancing in the P333R-LB LANLoad Balancing in the P333R-LB Load Balancing in the P333R-LB Load Balancing in the P333R-LB Load Balancing in the P333R-LB Load Balancing in the P333R-LB Demilitarized Zone DMZ Configuration Example FirewallLoad Balancing in the P333R-LB Chapter Load Balancing in the P333R-LB Load Balancing in the P333R-LB Load Balancing Metrics for Transparent Routing Fwlb HashHash Metric Loss of Persistency MinMiss HashWeighted Firewalls Selecting a Load Balancing MetricHealth Check Persistency Non-Transparent Routing Firewall Load BalancingImplementation NAT Configuration Example InternetStatic NAT Configuration Example Non-Transparent Routing Fwlb Sample Static NAT Configuration Load Balancing Metrics for Non-Transparent Routing FwlbBridging Firewall Load Balancing Configuration Example Following figure illustrates Bridging FwlbLoad Balancing in the P333R-LB Load Balancing in the P333R-LB Load Balancing Metrics for Bridging Fwlb Firewall Load Balancing Management Security Server Load Balancing BenefitsHalf NAT Load Balancing Load Balancing in the P333R-LB Configuring Server Load Balancing in the P333R-LB Half NAT Based ConfigurationP333R-LB-1config-if2#ip address 10.1.1.10 255.255.255.0 Done 10.1.1.3 Full NAT Load BalancingLoad Balancing in the P333R-LB Full NAT Based Configuration 255.255.255.0Done P333R-LB-1super-ifclient#exit Low Direct Server Return DSR Triangulation RedirectionDSR Triangulation Configuration Example 10 illustrates an SLB Triangulation configurationLoad Balancing in the P333R-LB DNS Configuration Combining Two Cache Applications on the Same Real CachesLoad Balancing Metrics Round Robin 12 Hash Metric Loss of Persistency Weighted Real Servers Health CheckClient Persistency Selecting a Load Balancing Metric and Persistency Option Port Re-mappingLoad Balancing in the P333R-LB Application Redirection Load Balancing in the P333R-LB Configuration Examples Application RedirectionP333R-LB-1configure#ip default-gateway Load Balancing in the P333R-LB Combining Two Cache Applications on the Same Real Caches 15 Two Cache Applications on the Same Real CachesLoad Balancing in the P333R-LB Load Balancing in the P333R-LB Load Balancing Metrics 16 Hash Metric Loss of Persistency Weighted Real Servers Load Balancing in the P333R-LB Client Persistency Policy-Based Routing Source-Based Routing Load Balancing in the P333R-LB Avaya P333R-LB User’s Guide Embedded Web Manager System RequirementsRunning the Embedded Web Manager Embedded Web Manager/Browser CompatabilityWelcome Web-based Manager Installing the Java Plug-in Install from the Avaya SiteInstall from your Local Web Site Embedded Web Manager P330 Page Troubleshooting the Installation Troubleshooting the InstallationTroubleshooting the Installation Maintenance Adding/Replacing an Expansion Sub-moduleAdding an Expansion Sub-module to Avaya P330 Replacing an Existing Expansion Sub-moduleSaving Configuration Definitions Without Saving Configuration DefinitionsReplacing the Stacking Sub-module Updating the Software Software DownloadObtain Software Online Downloading Software Download New Version without Overwriting Existing Version How to Contact Us United StatesAP Asia Pacific Region Cala Caribbean and Latin America Region Avaya P333R-LB User’s Guide
Related manuals
Manual 10 pages 7.24 Kb

P333R-LB specifications

The Avaya P333R-LB is a robust and versatile switch that is part of Avaya's portfolio aimed at enterprise networking solutions. This switch is designed to enhance the performance and scalability of network infrastructure while ensuring high availability and reliability.

One of the main features of the P333R-LB is its Layer 3 switching capability, which allows for efficient routing within an organization's network. This capability is particularly beneficial for organizations with multiple VLANs, as it simplifies the routing process and ensures that data packets are transmitted in the most efficient manner possible.

The P333R-LB is equipped with advanced Quality of Service (QoS) features to prioritize traffic based on the type of application being used. This ensures that critical applications, such as VoIP and video conferencing, receive the necessary bandwidth and low latency required for optimal performance. Additionally, it supports both IPv4 and IPv6 protocols, making it adaptable to a variety of networking environments.

Another important feature of the Avaya P333R-LB is its stackable design. This allows multiple switches to be interconnected, creating a single logical unit. This stacking capability not only simplifies management but also increases overall network capacity and redundancy. In case of a hardware failure, the stack can continue operating without interruption, maintaining network integrity and service continuity.

The switch also integrates advanced security features, including support for MAC filtering, access control lists, and port security. These features help to safeguard network resources from unauthorized access and potential threats. Moreover, the P333R-LB supports 802.1X port-based authentication, which adds an additional layer of security during user access to the network.

The Avaya P333R-LB comes with multiple Gigabit Ethernet ports, allowing for high-speed connectivity to devices such as servers, workstations, and IP phones. This ensures that all devices on the network can communicate effectively, supporting the demands of modern enterprise environments.

For management and monitoring, the P333R-LB offers a user-friendly web interface along with SNMP support, enabling network administrators to easily configure settings and monitor network performance. This simplicity in management is crucial for IT teams that need to ensure optimal network performance while minimizing downtime.

In summary, the Avaya P333R-LB is a feature-rich, scalable, and reliable switch that meets the needs of demanding enterprise networks. With its advanced technologies, QoS support, stackable design, robust security features, and high-speed connectivity options, the P333R-LB is positioned to support a wide range of applications and enhance overall network performance.